Responsible Disclosure Policy.

Athena Vision LLC (doing business as AthenaVision) is committed to maintaining the security and privacy of our systems and our users. We value the contributions of security researchers and others who help us identify vulnerabilities and improve our services. This Responsible Disclosure Policy outlines how to report security vulnerabilities to us and what you can expect in return.

For all security disclosures, please contact: hello@athenavisionmonitoring.com

1. Reporting a Vulnerability

If you believe you have discovered a security vulnerability in any AthenaVision system, website, or service, we encourage you to report it to us responsibly.

Please include the following in your report:

  • A clear description of the vulnerability, including the website, domain, or page where it can be observed.

  • Steps to reproduce the vulnerability, including any proof-of-concept code or screenshots.

  • The potential impact of the vulnerability if exploited.

  • Your contact information so we can follow up if needed.

We request that reports be submitted in English, if possible.

2. Our Commitment

When you report a vulnerability in accordance with this policy:

  • We will acknowledge receipt of your report within 5 business days.

  • We will triage and assess your report, and may contact you for additional information.

  • We will keep you informed of our progress as we investigate and address the issue.

  • We will notify you when the vulnerability has been resolved, if applicable.

We will not take legal action against individuals who discover and report vulnerabilities in good faith and in accordance with this policy.

3. Guidelines for Responsible Disclosure

To remain compliant with this policy, you must:

  • Avoid accessing, modifying, or deleting data that does not belong to you.

  • Avoid actions that could degrade, disrupt, or damage our services, including denial-of-service attacks.

  • Do not use social engineering, phishing, or physical attacks against AthenaVision staff or infrastructure.

  • Do not publicly disclose details of the vulnerability without our express written consent.

  • Comply with all applicable laws and regulations during your research.

  • Securely delete any data obtained during your research once it is no longer required or within one month of resolution, whichever comes first.

We ask that you do not demand financial compensation in exchange for reporting vulnerabilities. AthenaVision does not offer monetary rewards or bug bounties for responsible disclosures at this time.

4. Scope

This policy applies to vulnerabilities discovered in any digital assets owned or operated by AthenaVision. If you are unsure whether a system is in scope, please contact us for clarification before proceeding.

5. Legal Notice

This policy does not authorize or permit you to act in any manner inconsistent with applicable laws or regulations. If you have any concerns about your activities, please contact us before proceeding.

6. Contact

For all responsible disclosure submissions or questions, please email:
hello@athenavisionmonitoring.com

Thank you for helping us keep AthenaVision and our users safe.